🔑 Authentication & IAM AI Skills

Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.

Manage Tailscale tailnet via CLI and API. Use when the user asks to "check tailscale status", "list tailscale devices", "ping a device", "send file via tailscale", "tailscale funnel", "create auth key", "check who's online", or mentions Tailscale network management.

gws CLI: Shared patterns for authentication, global flags, and output formatting.

Set up Gmail API access via gog CLI with manual OAuth flow. Use when setting up Gmail integration, renewing expired OAuth tokens, or troubleshooting Gmail authentication on headless servers.

Automate OAuth login flows with user confirmation via Telegram. Supports 7 providers: Google, Apple, Microsoft, GitHub, Discord, WeChat, QQ. Features: - Auto-detect available OAuth options on login pages - Ask user to choose via Telegram when multiple options exist - Confirm before authorizing - Handle account selection and consent pages automatically

Self-hosted auth for TypeScript/Cloudflare Workers with social auth, 2FA, passkeys, organizations, RBAC, and 15+ plugins. Requires Drizzle ORM or Kysely for D1 (no direct adapter). Self-hosted alternative to Clerk/Auth.js. Use when: self-hosting auth on D1, building OAuth provider, multi-tenant SaaS, or troubleshooting D1 adapter errors, session caching, rate limits, Expo crashes, additionalFields bugs.

Implement OAuth 2.0 and OpenID Connect flows securely.

Build secure authentication with sessions, JWT, OAuth, passwordless, MFA, and SSO for web and mobile apps.

Implement secure JWT authentication with proper validation and token handling.

Test authentication and session management controls for bypass and account takeover scenarios.

Zoho People API integration with managed OAuth. Manage employees, departments, designations, attendance, and leave. Use this skill when users want to read, create, update, or query HR data like employees, departments, designations, and forms in Zoho People. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway). Requires network access and valid Maton API key.

Agent verification via ClawX OAuth system. Use when checking agent verification status, embedding verification widgets, or working with agent identity/trust tiers.

OAuth token refresh management for Google APIs via gog CLI.

IAM namespace for Netsnek e.U. identity and access management toolkit. Provides user authentication, role-based access control, and session management for we...

Guide to implement secure API practices including authentication, authorization, input validation, rate limiting, and protection against common API vulnerabi...

OAuth for the agentic era. Consent-gating for ALL sensitive agent actions. 75+ data-driven threat definitions with auto-updates (like antivirus signatures)....

Build secure access control with RBAC, ABAC, permissions, policies, and scope-based authorization.

Authentication and authorization patterns — JWT, OAuth 2.0, sessions, RBAC/ABAC, password security, MFA, and vulnerability prevention. Use when implementing login flows, protecting routes, managing tokens, or auditing auth security.

SIWA (Sign-In With Agent) authentication for ERC-8004 registered agents.

Post to X (Twitter) using the official OAuth 1.0a API. Use when asked to "post to X", "tweet this", "post on Twitter", create threads, delete tweets, or chec...

Quo API integration with managed OAuth. Manage calls, messages, contacts, and conversations for your business phone system. Use this skill when users want to send SMS, list calls, manage contacts, or retrieve call recordings/transcripts. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway). Requires network access and valid Maton API key.

Implement secure authentication and authorization using JWT, OAuth2, session management, RBAC, permissions, and resource ownership verification.

Harden an OpenClaw Linux server with SSH key-only auth, UFW firewall, fail2ban brute-force protection, and credential permissions. Use when setting up a new...

Debug and troubleshoot common issues with the Orderly SDK including errors, WebSocket issues, authentication problems, and trading failures.